[185836] in North American Network Operators' Group
Re: DNSSEC and ISPs faking DNS responses
daemon@ATHENA.MIT.EDU (Owen DeLong)
Sat Nov 14 07:09:00 2015
X-Original-To: nanog@nanog.org
From: Owen DeLong <owen@delong.com>
In-Reply-To: <C822E40C-2AD3-4718-9AED-AA38F4F16C16@arbor.net>
Date: Sat, 14 Nov 2015 04:07:51 -0800
To: Roland Dobbins <rdobbins@arbor.net>
Cc: nanog@nanog.org
Errors-To: nanog-bounces@nanog.org
> On Nov 14, 2015, at 03:11 , Roland Dobbins <rdobbins@arbor.net> wrote:
>=20
> On 14 Nov 2015, at 16:05, Owen DeLong wrote:
>=20
>> Lots of VPN services out there like the ones mentioned earlier in the =
thread have made it nearly as simple to install and operate a VPN.
>=20
> Until the setup and functionality are automagic, we're not going to =
see broad use of VPNs by non-specialists.
The point you seem to be missing is that your =E2=80=9Cuntil=E2=80=A6=E2=80=
=9D is already met.
I know of at least one ISP that is providing CPE with VPN pre-configured =
and built in.
I know of several other software/service solutions that are literally =
download-launch-subscribe. (download client software, launch installer, =
supply payment information for subscription).
> VPN functionality is built into pretty much every mainstream (and many =
non-mainstream) OS out there, including mobile devices. But it isn't =
something that's simple; users have to at a minimum install and accept a =
VPN profile, which means they have to go looking for a service in the =
first place.
You=E2=80=99re not looking at the right VPN software. The built-in stuff =
is crap that is years behind the current state of the art.
> I'm wondering if perhaps major OS vendors/developers may start =
offering/OEMing VPN services, or at least distributing profiles in the =
same way as browser vendors/developers distribute CA certs?
More likely this is going to be iterations of what is already being more =
widely accepted. Downloadable pre-configured client software that works =
with a particular VPN service.
Point-click-subscribe model seems to receive fairly wide adoption among =
people sufficiently interested in bypassing {insert network damage here} =
to pay a monthly fee for a service that will do it.
I think the going rate is something like $5/month for US VPNs last time =
I looked.
Owen
